# Fail2Ban filter to web requests for home directories on Apache servers
#
# Regex to match failures to find a home directory on a server, which
# became popular last days. Most often attacker just uses IP instead of
# domain name -- so expect to see them in generic error.log if you have
# per-domain log files.

[INCLUDES]

# overwrite with apache-common.local if _apache_error_client is incorrect.
before = apache-common.conf

[Definition]


failregex = ^%(_apache_error_client)s (AH00128: )?File does not exist: .*/~.*

ignoreregex = 

# Author: Yaroslav O. Halchenko <debian@onerussian.com>
